Horizon Persona Management and Windows roaming profiles require a specific minimum level of permissions on the user profile repository. Horizon Persona Management also requires that the security group of the users who put data on the shared folder must have read attributes on the share.
Set the required access permissions on your user profile repository and redirected folder share.
| User Account | Minimum Permissions Required |
|---|---|
| Creator Owner | Full Control, Subfolders and Files Only |
| Administrator | None. Instead, enable the Windows group policy setting, Add the Administrators security group to the roaming user profiles. In the Group Policy Object Editor, this policy setting is located in Computer Configuration\Administrative Templates\System\User Profiles\. |
| Security group of users needing to put data on share | List Folder/Read Data, Create Folders/Append Data, Read Attributes - This Folder Only |
| Everyone | No permissions |
| Local System | Full Control, This Folder, Subfolders and Files |
| User Account | Default Permissions | Minimum Permissions Required |
|---|---|---|
| Everyone | Read only | No permissions |
| Security group of users needing to put data on share | N/A | Full Control |
For information about roaming user profiles security, see the Microsoft TechNet topic, Security Recommendations for Roaming User Profiles Shared Folders. http://technet.microsoft.com/en-us/library/cc757013(WS.10).aspx
